THC Fuzzy Fingerprint, 
 ffp-0.0.8.tar.gz

 Last update 2003-10-25

 [0x01] Introduction
  
        Welcome to the mini website of the THC Fuzzy Fingerprints project. 
        Fuzzy fingerprinting (ffp) is a technique that extends common man-
        in-the-middle attacks by generating fingerprints that closely look 
        like the target's public key fingerprint. 
        
        Due to the fact that fuzzy fingerprinting doesn't try to collide
        the fingerprints, good results can be achieved in reasonable 
        time. 
         
        A rather complete documentation of the background and a sample 
        session is available in the fuzzy fingerprints article available 
        as HTML ffp.html or PDF ffp.pdf. 
        
        
 [0x02] The Challenge 
       
        THC is doing a little "seti@home" like competition. The challenge 
        is to generate the best fuzzy fingerprint for our target public 
        SSH host key. Here are some information on our victim's SSH public
        host key.
        
             The victim host: kimble.org
              Public SSH key: kimble.org.pub
        Public key algorithm: RSA
           Public key length: 1024
         MD5 key fingerprint: 08:54:5d:27:f8:e9:47:4e:49:8a:87:7e:03:cc:98:73

        Download the fuzzy fingerprint release from the link at the top of
        this page and join the competition. Compile ffp and launch the 
        tool against the victim host's fingerprint and key algorithm using 
        the following setup. (It is essential that you provide all of the 
        given arguments to ffp so that we are able to compare different 
        people's fuzzy fingerprints)

            $ ffp -f md5 -k rsa -b 1024 \
                  -t 08:54:5d:27:f8:e9:47:4e:49:8a:87:7e:03:cc:98:73 \
                  -s /var/tmp/kimble.org.state                
       
        You can stop the process at any point and continue later by just
        using the following comman line options.

            $ ffp -s /var/tmp/kimble.org.state
       
            
 [0x03] The Highscore

        If you think you have "crunched" a good fuzzy fingerprint compare
        its quality against the fingerprints in the list below. If you are
        better than one of those listed below, send an email to 
        plasmoid@thc.org including the attached state file, 
        e.g. /var/tmp/kimble.org.state. Please also note whether you 
        are using a big endian or little endian (e.g. x86) system. 


               Target:      08:54:5d:27:f8:e9:47:4e:49:8a:87:7e:03:cc:98:73
         
   User      | Best Fuzzy Fingerprint  
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Kill Switch | 73.221703% | 08:54:5d:27:a1:5b:82:39:f6:ba:79:df:67:6d:78:73 | ks.state (little endian)
             | Running:   0d 14h 21m 00s | Total:    5035847k hashs | Speed:    97481 hashs/s
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Skyper      | 71.278890% | 08:54:56:2c:28:d6:87:89:5e:02:a6:fd:43:c9:d8:73 | skyper.state (little endian)
             | Running: 109d 15h 00m 00s | Total: 1037873082k hashs | Speed:   109577 hashs/s
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Ruth        | 71.208378% | 08:54:5d:39:d6:20:58:b3:f0:99:39:2d:7d:2c:98:73 | ruth.state (little endian)
             | Running:  63d 16h 26m 00s | Total:  602918929k hashs | Speed:   109575 hashs/s 
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Data7       | 70.596880% | 08:54:5d:25:c6:15:03:7a:b6:77:5b:ea:02:25:c8:73 | data7.state (little endian)
             | Running:   4d 08h 39m 00s | Total:   20327928k hashs | Speed:    53957 hashs/s 
-------------+------------+-------------------------------------------------+-----------------------------
 RD          | 70.235077% | 08:54:5d:24:d5:35:3c:48:f3:02:7f:1b:d7:fc:98:7f | rd.state (little endian)
             | Running:   6d 23h 51m 00s | Total:   59437023k hashs | Speed:    98363 hashs/s
-------------+------------+-------------------------------------------------+-----------------------------
 Subbero     | 70.175558% | 08:54:6d:27:96:be:03:93:46:48:67:e2:f4:6c:c8:73 | subbero.state (little endian)
             | Running:   7d 19h 20m 00s | Total:   71883922k hashs | Speed:   106589 hashs/s
-------------+------------+-------------------------------------------------+-----------------------------
 Plasmoid    | 68.813225% | 08:54:52:27:16:e2:37:99:f3:cd:a1:ad:89:a5:98:d3 | pld.state (big endian)
             | Running:  10d 04h 11m 00s | Total:   20354244k hashs | Speed:    23155 hashs/s
-------------+------------+--------------+--------------------------+-------+-----------------------------
 OutOfBound  | 66.946361% | 08:54:5d:2a:a0:63:0c:b7:66:7d:1e:c4:a4:3c:38:63 | oob.state (little endian)
             | Running:   2d 17h 25m 00s | Total:   15283114k hashs | Speed:    64896 hashs/s
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Septi       | 66.666627% | 08:54:5d:27:fb:c0:2e:32:cd:e2:4f:ad:6d:52:eb:53 | septi.state (little endian)
             | Running:   5d 21h 16m 00s | Total:     657624k hashs | Speed:     1293 hashs/s
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Arundel     | 63.615695% | 08:24:5d:07:eb:57:19:8a:00:f6:41:67:b7:90:98:73 | arundel.state (little endian)
             | Running:   1d 06h 46m 00s | Total:    4926067k hashs | Speed:    44475 hashs/s
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Frelo       | 60.857133% | 08:59:9d:27:57:9c:d6:cd:d5:a5:28:41:40:c7:94:73 | ferlo.state (little endian)
             | Running:   0d 00h 17m 00s | Total:      14330k hashs | Speed:    14049 hashs/s
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Trippz      | 60.617618% | 08:54:5d:ec:34:e7:81:f1:46:df:8a:3c:e5:36:48:75 | trippz.state (little endian)
             | Running:   0d 01h 10m 00s | Total:      56503k hashs | Speed:    13453 hashs/s    
-------------+------------+--------------+--------------------------+-------+-----------------------------
 Pille       | 57.867431% | 08:52:4d:17:2f:e4:32:ae:2a:bf:c6:2a:f3:fa:92:73 | pille.state (little endian)
             | Running:   0d 00h 15m 00s | Total:      95794k hashs | Speed:   106438 hashs/s
-------------+---------------------------+--------------------------+-------------------------------------

               

 Comments and suggestions are welcome.

 Yours sincerly,

 The Hackers Choice
 http://www.thc.org